1. Field of the Invention
The present invention relates to authentication and more specifically to a system and method of providing authentication based on a process that utilizes, in one aspect, a physical theory or a physical value such as time and in another aspect, a random value.
2. Introduction
Protection of digital content transferred between entities over a network is a principal element of computer security. Computer security includes protection of digital content from theft or corruption, or preservation of system availability. Authentication plays an important role in computer security. Authentication is the process of verifying the digital identity of the sender of a communication. Once an entity has been authenticated, data transfer between the two entities may begin.
Authentication systems provide differing levels of functionality. At a minimum, they allow a recipient to verify that a message originated from a particular user, program or computer. More powerful systems can ensure that messages cannot be copied and replayed in the future, prove to a third party that a message originated with a particular user (non-repudiation), or require multiple users to validate a message.
Authentication is often used in conjunction with cryptography. Cryptography is the traditional method of protecting data. Cryptography protects communications between two mutually trusting parties from thievery or hackers by attack on the data in transit. Encryption is the process of obscuring information in a systematic way, using an algorithm. Decryption is process of removing the protection and retrieving the original data. When using symmetric encryption, encryption and decryption use a key, which is the shared secret that both parties must have. To ensure data integrity, only the authorized parties should hold the secret key. This approach may differ when using asymmetric schemes such as RSA, which is an algorithm for public-key crypotography.
In many communication systems, the weakest link in security is not the encrypted data but rather cryptographic key management and handling. Unauthorized users may gain access to sensitive data when key management is not performed securely.
To date, many processes for authenticating an entity have been proposed. Typically, a sender sends a message and both the sender and receiver use the message and a shared secret key to generate a signature. If the signatures are the same, the entity is accepted as authentic. Due to advancing technology and more sophisticated hacking techniques, there is a need for improved key management techniques.